It’s Episode 407 and I’ve got plugins for Image Compression, Importing and Exporting user lists, Cleaning up old Short Codes, and news on what’s happening for ClassicPress. It’s all coming up on WordPress Plugins A-Z!

The Weekly round up of news, tips, and information to help you create the best possible WordPress website.

This is a weekly round up of WordPress news I have accumulated from across the web. Some old, some new, but always interesting. The new relates to WordPress and sometimes other areas of the web. It often has a focus on security and more.

We try to have news here that is important to help you with your website as well as news from the wpdrama scene and more.

Some of the news here will be of interesting links to not only articles but training materials and other sources I can find online that will help you create a better WordPress website.

This week we have the following news for you.

WordPress Governance Project Flagged as Unsanctioned, First Meeting Set for January 15

The WordPress Governance Project is a new community initiative, led by Rachel Cherry and Morten Rand-Hendriksen, that will host its first meeting Tuesday, January 15 2019.

The purpose of the project is to address two objectives: Hendriksen advocated for open governance when he introduced the project at WordCamp US in his presentation, Moving the Web forward with WordPress. He discussed how the decisions made for WordPress’ future affect a large portion the web. The project will first look at WordPress’ internal governance structure and then move into the second aspect of getting WordPress a seat at the table in important discussions affecting the broader web.

Contributors on the project are aiming to propose a governance model for WordPress at or before WordCamp Europe 2019 or the Community Summit, if one is planned for 2019. The group plans to research existing governance models from corporations, government, and the open web community and submit their proposal to WordPress’ current leadership for consideration. Read original article here…. wptavern.com

55 Web Design Blogs to Follow in 2019

Inspiration comes in many forms and professional development never ends. With that in mind, we have put together a massive list of web design blogs that can keep your brain fed for the entire year. But don’t worry. You won’t find any duds on this list. We respect your time and feel like you deserve only the best of the best. Fire up your Feedly account and get ready to add more than a few subscriptions.

Starting us off, we have Smashing Magazine. It’s not often that you find a publication that can put out as many high-quality articles as consistently as Smashing can. Some places publish lots of articles that have very little substance, but Smashing Magazine makes sure that pretty much every word they publish is relevant to you as a designer and developer. They also do various freebies and host conferences, as well as put out books on topics across our field, too. Read original article here…. elegantthemes.com

WordPress 5.1 to Replace “Blogging” References with “Publishing”

WordPress 5.1 will replace the “Happy blogging” language in wp-config-sample.php with “Happy Publishing.” The next major release also cleans up a few other “blog” references by replacing them with the word “site.” A lot of tutorials and documentation will need to be updated. WordPress contributors are continuing to fine-tune the wording in various files to reflect its expanded capabilities as a publishing platform.
“As of this commit, WordPress is no longer a simple blogging platform,” Gary Pendergast wrote in the commit message. “It’s now a comprehensive publishing solution.” Read original article here…. wptavern.com

And now for something older in the past article collections.

How I Got My Slow WordPress Site Loading In 200ms (100% Grades)

I’ll show you how to take your GTmetrix, Pingdom, and PageSpeed Insights report and use them to make WordPress-specific optimizations that improve grades/load times. I’ve already written one of the most popular WP Rocket tutorials including one on W3 Total Cache and WP Fastest Cache which combined have 800+ comments and used by 250k people. Let’s do yours! Read original article here…. onlinemediamasters.com

https://wppluginsatoz.com/wp-content/uploads/2026/06/News-Featured-10-25-2018.png600600John Overallhttps://wppluginsatoz.com/wp-content/uploads/2018/06/WPPlugins300x100sitelogo.pngJohn Overall2019-01-10 15:46:142019-01-08 16:59:38Round up of WordPress News and Tips January 10th

Banned from WordPress.org Forums! It seems I have landed into #WPDrama of my own finally after 9 years of WordPress. What happened? How did I get into such a mess? Well it seems I had thought I could do something and was wrong and I was properly dealt with at least as far as Jan Dembowski is concerned and he has washed his hands of my case as you can read below.

First some background on the issue.

As many of you know I have been doing a podcast the WP Plugins A to Z show for over 8 years now. Weekly reviews of WordPress plugins my thoughts about them and for 6 of those years I had a co-host Marcus Couch so his thoughts also. I had believed it would be a good idea to start placing those reviews into the WordPress.org forums so people could know about them. I was also linking back to the show in which the review was made so they could get more information. Seemed reasonable to me. I was wrong..

I do not log into my WordPress.org account very often usually every couple months, or so I thought (turns out it was often longer) it seems it had been 5 months since my last login. I went to login and my account was deactivated. Initially I had no idea why but I soon began to suspect why. As you will see in the email thread with Jan Dembowski, I would be enlightened and reprimanded for my BAD behavior. I would try to get back my account and be properly contrite but in the end after accepting responsibility for my wrongs and promising not to do it again and calling him out on his behavior, and I was left in a banned state and I would have to appeal to another volunteer moderator for my case.

Here’s why: you spammed the reviews. Egregiously (I use that word a lot lately).

You kept leaving reviews with links to your real review on your site. You did that 31 times and you were asked by moderators to stop doing that. You ignored those emails and all 31 reviews were archived and your account was banned for spamming.

Jan Dembowski

***** Ok, I can accept that and I was wrong for not know the rules, but the bit of snark at one point did not seem warranted and it seemed a bit heavy handed on another. I thought, well I did make a mistake. So I would try to make it better and I sent off the following: **********

Hi Jan,

Amazing how time flies, I had not realized it had been 5 months since I last logged in.

Interestingly, none of those emails asking me to change my practice ever arrived, not even in my spam folder. And it’s pretty severe, I think, to just cut off an attempt to fix and make things right. I had not realized linking back to my show was an issue. They were not links to the “Real” review but to the verbal review. Had I seen any of the emails you say were sent I would have corrected the issue immediately.

Seems to be typical of companies today, if someone makes a mistake to just cut them off and not let them atone for it. Pretty sad I think that the world has become this way.

The reviews were all legit. I have been doing reviews for 7 years now on my podcast WP Plugins A to Z (and I thought sharing them with a link back to the show would be helpful for the dev). I do not believe it was spamming as I was linking to where they could hear more about what I said in my review of the plugin.

It is sad that all those developers that I review will no longer get the advantage of having my review added to their reviews list.

How about if I propose a fix here?

How about if you unlock my old account, I go into all the previous reviews, I then edit out and remove all the links. Then in the future I only place the review and mention the WP Plugins A to Z show and have no links there. Will this fix the problem?

****

And Jan responded back breaking up my email into points not a bad thing, I do that all the time. It did seem to have the same snark in the response, judge for yourself.. *******

Hi,

> Interestingly, none of those emails asking me to change my practice

> ever arrived, not even in my spam folder.

The same system for mail were are using now is the same system those notifications use. If you did not get it it’s not for lack of the system sending them out. This place sends out an amazing amount of email and some less enlightened mail systems think we spam (we don’t).

> And it’s pretty severe, I think, to

> just cut off an attempt to fix and make things right. I had not

> realized linking back to my show was an issue. They were not links to the “Real”

> review but to the verbal review. Had I seen any of the emails you say

> were sent I would have corrected the issue immediately.

That’s good to know that had you read those emails you’d have corrected your actions.

> Seems to be typical of companies today, if someone makes a mistake to

> just cut them off and not let them atone for it. Pretty sad I think

> that the world has become this way.

And that’s incorrect. Completely. You were warned, you did not modify your behavior. That has consequences. That you didn’t get or read the warnings has nothing to do with the moderators who warned you. The email went out.

WordPress.ORG despite many people’s misunderstanding isn’t a company. It’s an open source community software project staffed by volunteers such as myself doing thing on their own time.

> The reviews were all legit. I have been doing reviews for 7 years now

> on my podcast WP Plugins A to Z (and I thought sharing them with a

> link back to the show would be helpful for the dev). I do not believe

> it was spamming as I was linking to where they could hear more about

> what I said in my review of the plugin.

The reviews have always been limited to feedback and is not about “go here for more information” links. As I am sure you can imagine some not very nice people have abused the reviews and were informed to stop. If they do not heed that warning then, as you’ve found out, the account gets banned.

NOTE: Actual spammers such as “male enhancement” spam doesn’t get a reply and is not archived. It’s flagged as spam and dealt with. That’s not the case with you, I’m just trying to be complete.

Those accounts get banned for cause (spam). Abuse is abuse and that’s not long tolerated. I think you understand why that is.

> It is sad that all those developers that I review will no longer get

> the advantage of having my review added to their reviews list.

See above comment of mine about abusive behavior.

> How about if I propose a fix here?

> How about if you unlock my old account, I go into all the previous

> reviews, I then edit out and remove all the links. Then in the future

> I only place the review and mention the WP Plugins A to Z show and

> have no links there. Will this fix the problem?

Yes and no. If you agree then I will unban your account as we’re having this conversation and I am positive you understand and will not repeat that behavior.

I will not restored those reviews as there’s many and frankly there’s no point. They’ve been gone for 5 months now. Also you’re describing a lot of work and enough effort was spent archiving those reviews.

If you like, feel free to leave new reviews. But if you do refrain from links and even the suggestion of “visit my site for more information”. The review section is where you provide your feedback. Keep it in text and in that section where it belongs.

Let me know if that works for you. You may want me to change the email on that old account to the one that you’re using now.

Thanks,

Jan Dembowski

******

Ok well you judge if it was a bit heavy on snark or not. But I wanted the account back to start posting reviews again. Also I was not too sure about the reference to Male Enhancement. I also thought I would clarify I had read the rules in the forum.. So I sent back this: ********

Hi Jan,

Yes. I would like to have my “sirdragonlord” account unbanned and the email associated with it changed to john@wppro.ca. I will keep this account as my personal account. I see in the “Forum Guidelines” that I am able to create a ‘business’ account. I will create a new account for my podcast, WP Plugins A to Z, and use it to post the plugin reviews I have given on my show. Am I able to reference, in text form with no links, the information about which show their plugin review was produced in? Or any other pertinent information about it that will help the developer to find the review on my site themselves without including links to the actual show or my site? An example would be “as reviewed by John Overall in episode #850 of the WP Plugins A to Z Podcast show” or “as reviewed in episode #850 of the WP Plugins A to Z Podcast show on YouTube”?

Please clarify if the above statements are made within the review post they will be acceptable. I want to ensure that I am abiding by the guidelines that are in place so that we don’t have this issue again.

******* And he sent back this you judge here how the response was.. ********

Hi John,

No, that is not true. You are reading the forum guidelines incorrectly and if you do create multiple accounts then you will be permanently banned. That “business account” is for plugin and theme authors to upload code only or for specific support people of those companies with said plugins or themes. That’s not you.

And if you add anything like “as reviewed by John Overall in episode #850 of the WP Plugins A to Z Podcast show” then that’s spamming. Just cut that out now.

The forums are not for your “brand”, its not for marketing, it is not to generate traffic, revenue or anything like that. The review is only for describing in words your experience with that plugin or theme. That’s all and nothing else.

What you are describing is spam. Don’t. That is not allowed and if you do that all of your accounts will be banned for good for spamming.

I can un-ban your one account BUT you can only use it to get support, help others or (in the capacity I’ve described) leave reviews without referencing your site at all.

If you are OK that let me know and I’ll proceed. If you have already created a new account, let me know too before I locate it myself; that would be bad if I do.

****** and so I thought about my final response this is it*****

Now at this point I had thought I might be loosing my mind about what I read so I decided to pop back in and check and sure enough the rules had changed between the 20th and the 21st of Dec 2018 as below.. Thank goodness for the Wayback machine..

If you are plugin or theme developer, or a representative of a company involved with WordPress in some way (like a hosting provider), having separate personal and “business” accounts is acceptable, we don’t consider that to be sockpuppetry.

What it now says on Dec 21, 2018:

If you are plugin or theme developer only, having separate personal and “business” accounts is acceptable for uploading code to the WordPress repo or for a very limited capacity of support of that plugin or theme. In that limited capacity that may not be consider that to be sockpuppetry.

****

This saga was interesting and I gave allot of thought to my final response because I knew that if my words did not convey anything but total submission i would be banned by Jan Dembrosky, I weighed if I really needed the account over at WordPress.org forums and realized I do not actually need it but would like to have it. So I decided to be straightforward and express my dissatisfaction with the process as well as plead my case. The result was as expected… Judge for yourself and let me know in the comments.

*****

My final response

Hi Jan,

Looks like I have no option but to accept your terms for the reactivation of my account. Please reactivate it as per your terms in your last email. I had not created the other account as of yet.

I look forward to having my account, SirDragonlord, back and associated with the email john@wppro.ca.

One of the most unfortunate things about email is not being able to really get the tone of voice for the words being typed. Unfortunately, in all your emails, your tone comes across as snarky and rude. I have been nothing but polite during this thread, trying to get a clear understanding of things. I have accepted my responsibility for what I have done and wanted to make sure going forward I did not cross any lines.

You have been pretty snarky and at points seemingly condescending during this thread. I have asked questions to clarify things and gotten snark and rudeness and accusations back. Why?

One strange thing though, when I read the forum guidelines on Dec 20, 2018 they indicated that if your company was involved in any way with WordPress it was ok to also have a ‘business’ account. I see that has changed as of Dec 21, 2018.

If you are plugin or theme developer, or a representative of a company involved with WordPress in some way (like a hosting provider), having separate personal and “business” accounts is acceptable, we don’t consider that to be sockpuppetry.

What it now says on Dec 21, 2018:

If you are plugin or theme developer only, having separate personal and “business” accounts is acceptable for uploading code to the WordPress repo or for a very limited capacity of support of that plugin or theme. In that limited capacity that may not be consider that to be sockpuppetry.

Good to see it is crystal clear now, even if it is awkward to read. Good to know I may have had a hand in this being clarified (note you have a couple grammatical errors in the last line)

Additionally,

Just so you know I won’t reference my podcast when I start posting again. But, I feel this is a disservice to the community as my show has reviewed thousands of plugins from the good to the bad and have helped thousands of users find great and interesting plugins over the last 8 years. My being able to reference where a review is coming from adds a bit more credibility to the review as it is coming from a long standing, credible and knowledgeable source. This gives it more weight to both the review and the plugin than a regular review, kind of like a report from Consumers Reports. It may add more trust and belief to the review when someone is determining if they want to use the plugin.

******

The last response from Jan and my being banned ***********

Hi John,

I’m sorry if you thought my tone was rude or I was being “snarky”. I wasn’t, I was being exacerbated by your replies and after a few emails I may have lost my patience with you. I do apologize for that. This isn’t my email address and I am not representing myself here in this WordPress email.

Here’s why I lost my patience.

You spammed the forums. That’s not up to your interpretation or acceptance. Your reviews are all still there they are just not visible to you or others. You were spamming and that is abuse.

More than one moderator asked you to stop with a reply that was guaranteed to send your old email that.

For whatever reason you disregarded that and repeated your abuse.

Your account was banned for good cause.

Five months later you started this email thread.

When I explained what you did, you chose to be partly reconciliatory about that while opining about what “Seems to be typical of companies today”. I corrected your assumptions about that and offered a way to get your account back.

Then you tried to use the guidelines to game the system and you tried to determine what level of self-promotion is acceptable. That’s likely where my replies began to show my exacerbation.

Yes, the guidelines were soon updated after that and a conversation in Slack with the moderators occurred at that time. The purpose of that section in the guideline is simple. Do not create multiple accounts, do not sock puppet. The guidelines are not an acceptable use policy, they are not a terms of service. They’re a simple guideline on how to behave in the forums and trying to game that isn’t acceptable either.

I’m a volunteer. I don’t have any obligation to help someone who abused the forums and leaving you banned is an appropriate outcome. Your situation is not a result of any rudeness or snark on my part. You were banned due to your actions, not mine. I’ve been trying to explain where you went awry and you don’t like my tone, you’ve indicated that I’m being rude and snarky.

OK then. Fair enough, I may have let my patience lapse when I read your replies and now I’m walking away from this conversation. I have no desire to misrepresent this community and you are dissatisfied dealing with me and my replies. This is not my email inbox and perhaps someone else can help you.

That other person can also un-ban your accounts if they choose. I’m leaving your accounts in their banned state.

Please have a nice holiday and New Year.

*****

Thus ends my trip though #WPDrama

Final Comments:

Now I had thought long and hard about my last response and thinking about everything he had written and realized that if I was properly contrite and on my metaphorical knees I would get my account back but at the loss of my dignity. I realized that I did not need the account back that badly. What I did on the WordPress.org Forums was for the community not myself. I shared reviews from my show and occasional responded to help questions if I caught one.

I realized by not giving the right words I would end up banned and I was right since I refused to kowtow to Jan Dembroski. I also noted his inconsistency in saying that my old stuff is gone implying deletion and that it is all still there as mentioned in his last email.

It is interesting to note the Guidelines are not hard rules in anyway for the WordPress.org Forums. They are just a way to behave and well guidelines are just a guide. here is the definition from Wikipedia: https://en.wikipedia.org/wiki/Guideline

A guideline is a statement by which to determine a course of action. A guideline aims to streamline particular processes according to a set routine or sound practice. By definition, following a guideline is never mandatory. Guidelines are not binding and are not enforced.

The Weekly round up of news, tips, and information to help you create the best possible WordPress website.

This is a weekly round up of WordPress news I have accumulated from across the web. Some old, some new, but always interesting. The new relates to WordPress and sometimes other areas of the web. It often has a focus on security and more.

We try to have news here that is important to help you with your website as well as news from the #wpdrama scene and more to share.

Some of the news here will be of interesting links to not only articles but training materials and other sources I can find online that will help you create a better WordPress website.

This week we have the following news for you.

How to Use Gmail to Send WordPress Emails

By default, WordPress uses the mail function in PHP, which is sufficient for the few emails that a new or small WordPress site needs to send. When your email volume increases, you’ll start to notice email delivery issues. You’ll need to switch over to a third party provider such as Gmail at this point.

In this post, I’m going to teach you how to configure the WP Mail SMTP plugin to use the Gmail API for sending WordPress emails. I’ll also teach you a faster and multisite-friendly way to set this up using WPMU DEV’s Ultimate Branding plugin. We’ll go over why using a third-party email provider is imporant and look at some popular transactional email service providers. Read original article here…. premium.wpmudev.org

Top 4 Ways to Turn Off Gutenberg in WordPress 5.0

It’s easy to turn off the Gutenberg text editor. See my top 4 ways to do it, depending on your needs.

Here are my top choices, and tips for selecting the one that is right for you.

NOTE: WordPress has announced that the Classic Editor plugin will be bundled with the WP 5.0 update. However, for new installs, you’ll need to manually add the plugin via the WordPress plugins repository (like you do for other free plugins). Read original article here…. blogaid.net

This week we have the following Security News for you.

WP GDPR Compliance Plugin Patches Privilege Escalation Vulnerability

At the end of last week, a plugin called WP GDPR Compliance sent out a security update for a privilege escalation vulnerability that was reported to the WordPress Plugin Directory team on November 6. The plugin was temporarily removed and then reinstated after the issues were patched within 24 hours by its creators, Van Ons, a WordPress development shop based in Amsterdam.

The changelog for the most recent release states that previous versions are vulnerable to SQL injection due to “wrong handling of possible user input in combination with unsafe unserialization.” The fixes are in version 1.4.3, which includes the following:

And now for something older in the past article collections.

18 No-Fail Tips for Stunning Landing Pages with WordPress

We’re all familiar with the term “landing page” thanks to Google Analytics. But while a landing page is technically the first page someone “lands” on when they visit a website, that’s not always what we mean when we talk about landing pages.

While most pages on your website should be able to convert visitors (i.e. sign up to an email list, click a call-to-action button etc) in some form or another, that’s not always the explicit intention of them (at least from the visitors’ point of view). Home pages elicit emotion. Services and product pages educate. Blog posts inform and deliver value. Read original article here…. premium.wpmudev.org

https://wppluginsatoz.com/wp-content/uploads/2018/11/News-Featured-Nov-15-2018.png600600John Overallhttps://wppluginsatoz.com/wp-content/uploads/2018/06/WPPlugins300x100sitelogo.pngJohn Overall2018-11-15 16:09:022019-01-03 15:04:59Round up of WordPress News and Tips November 15th

The Weekly round up of news, tips, and information to help you create the best possible WordPress website.

This is a weekly round up of WordPress news I have accumulated from across the web. Some old, some new, but always interesting. The new relates to WordPress and sometimes other areas of the web. It often has a focus on security and more.

We try to have news here that is important to help you with your website as well as news from the #wpdrama scene and more to share.

Some of the news here will be of interesting links to not only articles but training materials and other sources I can find online that will help you create a better WordPress website.

This week we have the following news for you.

Why I Yanked W3 Total Cache Off My Recommended Plugins List

That’s it. I’ve had it with the W3TC plugin. See why I won’t use it again and advise you don’t either.

No free caching plugin holds a candle to the configuration options in W3TC.

In fact, high traffic sites without those options actually incur more caching and server load and perform worse than if they had no caching plugin at all.

W3TC was even a top 3 winner in my head-to-head caching plugin test.

The plugin has been around for years and has over 1 million installs.

Yet the developer, Frederick Townes, has never seen fit to make it any more than a Beta release.

I think that if there is the one major drawback to working as a freelancer (WordPress or otherwise), it would be the temptation factor. The temptation to turn on your TV for 15 minutes while you eat a warmed-up burrito. That temptation to nap with your dog after a particularly difficult assignment. That temptation to stay in your jammies all day because they’re just so dang comfortable.

Let’s face it, when you work as a freelancer, it can be tempting to sink into a rut and get way too comfortable. Getting too lax can mean you miss deadlines and turn in poor quality work. And that’s bad for business.

My personal recommendation, which also happens to be supported by a number of experts, is that you create a schedule—and stick to it. Every day. Every week. For as long as it takes for it to become like second nature. Read original article here…. premium.wpmudev.org

This week we have the following Security News for you.

WordPress Is Now on HackerOne, Launches Bug Bounties

WordPress now has its own official HackerOne account where security researchers can responsibly disclose vulnerabilities to the security team. The project’s page was previously listed under Automattic’s profile before HackerOne launched its free community edition for open source projects. WordPress has now transitioned to its own account, which also includes sister projects BuddyPress, bbPress, GlotPress, and WP-CLI, along with all of their respective websites.

“We have about 40 people with access to triage reports, although, like most volunteer groups, not everyone is usually triaging at the same time,” Campbell said.

“Bounties are calculated based on bug severity, the product or site it’s on (WordPress core being weighted more heavily than say the swag store), and also the quality of the report,” Campbell said. Automattic is sponsoring the bounty payouts on behalf of the WordPress project. Read original article here…. wptavern.com

Abandoned WordPress Plugins Can Make Your Site Vulnerable

Wordfence is one of the first plug-ins I install when I set up a WordPress site. And their blog is a great source of information on current vulnerabilities and exploits. They have posted a list of 22 Abandoned WordPress Plugins with Vulnerabilities. And while the list is interesting, some of the other data they have unearthed is a cause of concern.

The Weekly round up of news, tips, and information to help you create the best possible WordPress website.

This is a weekly round up of WordPress news I have accumulated from across the web. Some old, some new, but always interesting. The new relates to WordPress and sometimes other areas of the web. It often has a focus on security and more.

We try to have news here that is important to help you with your website as well as news from the #wpdrama scene and more to share.

Some of the news here will be of interesting links to not only articles but training materials and other sources I can find online that will help you create a better WordPress website.

This week we have the following news for you.

20 Lessons I’ve Learned as a WordPress Freelancer

As you embark on your WordPress freelance journey–whether as a writer like me or a developer, designer, marketer, or something else altogether–know this: many people have walked in your shoes.

While there are certainly some people doing business online that are jacks of all trades, not everyone can be Amazon. So, in the WordPress arena it’s important you select a niche that can help you differentiate yourself from the sea of people competing with you.

As a freelancer, you’ve got no one else to sell your skills or your business but yourself. If you don’t know how to pitch your services or maintain a positive relationship with clients, you’ll struggle. Learn communication and customer service techniques that’ll make it hard for anyone to say no or let you go.Read original article here…. premium.wpmudev.org

New Plugin Offers Better Plugin Recommendations in the WordPress Admin

If you work with WordPress every day you may have learned to tune out the recommended plugins in the admin by now, but the “Add Plugins” screen is an important part of the new user experience. WordPress developers Joey Kudish and Nick Hamze have released a plugin that brings better recommendations to the admin.

The recommended plugins are slightly better, as they are based on plugins that the user and other users have installed. However, Hamze believes they could be tweaked even further to display plugins that specifically benefit new users. The Recommended tab was introduced two years ago to display results based on plugins that are commonly used together. It excludes plugins that users already have installed.

Hamze said he doesn’t know if WordPress can solve this problem diplomatically with code. He believes manual curation is required to deliver the best new user experience. A ticket for re-thinking the default ‘Add Plugins’ tabs/filters was is open on WordPress trac, as the plugins that appear in these screens have remained unchanged for some time. The ticket hasn’t received much discussion yet. Read original article here…. wptavern.com

12 Best Practice for Super Effective Mobile Call-to-Action Buttons

Recently, I wrote about what research says about how to optimally place calls-to-action on your WordPress site. While I briefly mentioned a possible difference between desktop and mobile CTA placement, there wasn’t much evidence available to definitively prove a clear difference there. That being said, we do know there are other defining characteristics that mobile CTAs have that desktop ones don’t.

It’s important to put yourself in the shoes of your visitors. Smartphones typically equate to “convenience,” so take advantage of that with your CTA messaging. Don’t force anyone to play the guessing game. Use action words that tell them exactly what to do and what will happen right now if they do. If it makes more sense to do so, you could instead try appealing to their current emotional state. Read original article here…. premium.wpmudev.org

This week we have the following Security News for you.

SEO Spam Campaign Exploiting WordPress REST API Vulnerability

There is a new wave of SEO spam campaigns using this vulnerability, not only create spam posts, but to replace existing post content with spam keywords and links.

Back then we predicted that defacements were just the beginning. After those highly visible and immediate attacks, we started to discover that SEO spammers were exploiting the same vulnerability to manipulate search engine results. Read original article here…. blog.sucuri.net

And now for something older in the past article collections.

If Only That WordPress eCommerce Plug Could [fill in the blank]

For the sake of this post, I am focusing on eCommerce plugins, but what I am about to say really relates to any WordPress plugin. (And probably even themes, but we aren’t going to go there today.)

This is something I see all the time. In fact, just saw it again in a Facebook group (surprise!). A comment along these lines:

I really love using xyz plugin. But I really wish they would have built in the option to [fill in he blank]. I know there is a plugin that will probably do the job, but I don’t want to add another one, or pay more money. Yes, the feature could be coded in, but I don’t know how to do that and don’t really want to hire someone.

The Weekly round up of news, tips, and information to help you create the best possible WordPress website.

This is a weekly round up of WordPress news I have accumulated from across the web some old some new but always interesting. The new relates to WordPress and sometimes other areas of the web. It often has a focus on security and more.

We try to have news here that is not only important to help you with your website as well as new from the #wpdrama scene and more to share.

Some of the news here will be of interesting links to not only articles but training materials and other sources I can find online that will help you create a better WordPress website.

This week we have the following news for you.

In early October the popular Postman SMTP plugin was removed from WordPress.org due to security issues. The plugin had not been updated in two years and also contained a reflected cross-site scripting (XSS) vulnerability that was made public in June and left unfixed. The security researcher’s attempts to contact the plugin’s author, Jason Hendriks, were unsuccessful.

The plugin is used to improve the delivery of emails that WordPress generates and it logs the causes of failed emails to help eliminate configuration mistakes. It was installed on more than 100,000 sites before it was removed from WordPress.org. Read original article here…. wptavern.com

The Difference Between GTmetrix, PageSpeed Insights, Pingdom Tools and WebPagetest

GTmetrix requires JavaScript to function properly. Please enable JavaScript in your browser and refresh the page to ensure the best GTmetrix experience.

If you’ve used any of these tools, you may wonder why the results are sometimes different. The post serves to highlight the key differences in these performance analysis tools.

We’re glad to be in the company of other great tools that offer an in depth look at website performance.

PageSpeed Insights, Pingdom Tools, and WebPagetest all offer similar features to GTmetrix, but there are a few things that should be pointed out with regards to our differences. Read original article here…. gtmetrix.com

Locked Out of WordPress? 4 Solutions When You Can’t Access wp-admin

Are you currently locked out of WordPress? I can practically feel the anxiety through the screen. It’s understandable. There aren’t many more uncomfortable feelings than not being able to access your own WordPress website

Display Widgets, a plugin with more than 200,000 active installs, has been removed from WordPress.org due to its authors inserting malicious code. SEO consultant David Law was the first to bring this issue to the attention of the plugin team after discovering that Display Widgets was inserting content into sites from external servers and also collecting visitor data without permission. He posted to the WordPress.org forums several times to warn other users. Read original article here…. wptavern.com

How to add a new WordPress user without logging into WordPress

Simply add the below code to your active WordPress theme functions.php file, then visit the site to inject the new user and password into the database.

This week we have the following Security News for you.

Blog | Plugin Vulnerabilities | A service to protect your site against vulnerabilities in WordPress plugins.

From time to time a vulnerability is fixed in a plugin without the discoverer putting out a report on the vulnerability and we will put out a post detailing the vulnerability so that we can provide our customers with more complete information on the vulnerability.

Recently the web scanner service Detectify has been vaguely disclosing minor vulnerabilities in a number of WordPress plugins. It seems …To read the rest of this post you need to have an active account with our service. Read original article here…. pluginvulnerabilities.com

The Man Behind Plugin Spam: Mason Soiza

This post is part of a series. This is the second post and a follow-up to our first story titled “Display Widgets Plugin Includes Malicious Code to Publish Spam on WP Sites“. There is a third post in this series which explains how the same spammer influenced a total of 9 WordPress plugins over a 4.5 year period.

In this post, we explore who is behind the purchase and corruption of the Display Widgets plugin and at least two other popular WordPress plugins.

As part of my research into the sale of the Display Widgets plugin and the subsequent spam that appeared in it, I had reached out to Stephanie Wells, the original author of Display Widgets who sold it. Stephanie got back to me moments after I hit the publish button on our post. Read original article here…. wordfence.com

Backdoor WordPress Login Script

I have created this script to allow me to quickly login to clients wordpress installs after they have royally messed things up. For example, some clients have changed their admin password and dont know which email account they have used, so this script allows me to quickly create a new user, login and reset their details without having to muck about with mysql etc.

Cheat Sheet for Analyzing Malicious Software

This cheat sheet presents tips for analyzing and reverse-engineering malware. It outlines the steps for performing behavioral and code-level analysis of malicious software. To print it, use the one-page PDF version; you can also edit the Word version to customize it for you own needs.

And now for something older in the past article collections.

50+ Frequently Asked Questions About WordPress

Have a question? No problem – we get a ton of questions about WordPress everyday. To help we thought we’d share and expand on some of the most common questions we’ve been asked about WordPress! We’ll cover tons of topics including:

Not sure if WordPress is right for you? Here are answers to basic question about WordPress, what it is, how much it costs and more.

WordPress is a popular content management system (CMS) that you can use to power your website on your own hosting plan. WordPress makes creating a blog, landing page, online store, forum or other website possible for users around the world. Read original article here…. wpexplorer.com

A Guide to Designing Better Buttons and CTAs for WordPress

Buttons and calls-to-action fill up relatively little real estate but they’re some of the most important design elements of any website. Considering their importance, getting buttons and calls-to-action right is sort of a big deal.

However, designing buttons can be tricky. There are many design factors to consider when designing buttons – size, color, icons, shape, placement, and text — and call-to-action buttons are even more critical to get right. Read original article here…. premium.wpmudev.org

10 Hottest Web Design Trends You Gotta Know for 2017

The web is a rapidly evolving space. Technologies and development techniques can appear quickly. Ever improving tools allow for greater freedom when designing interfaces and interactions. And because of this, web design patterns and techniques can begin to trend within a short period of time.

Below is a list of web design trends to keep in mind during 2017. They aren’t all new; some are styles that have been gaining and/or maintaining their popularity during 2016. These are expected to continue to be in common use for new websites launched in 2017. Read original article here…. premium.wpmudev.org

A Quick and Dirty Guide to Post Type Templates in WordPress

WordPress 4.7 has delivered some fantastic new enhancements to the CMS’s template system. Templates have now been expanded to include all post types, allowing developers to create more nuanced themes and at the same time allowing site owners to manage content more easily.

But how does it all work? In this article, I’ll show you how to use post type templates in your themes with a few easy examples.

The Weekly round up of news, tips, and information to help you create the best possible WordPress website.

This is a weekly round up of WordPress news I have accumulated from across the web some old some new but always interesting. The new relates to WordPress and sometimes other areas of the web. It often has a focus on security and more.

We try to have news here that is not only important to help you with your website as well as new from the #wpdrama scene and more to share.

Some of the news here will be of interesting links to not only articles but training materials and other sources I can find online that will help you create a better WordPress website.

This week we have the following news for you.

How to Use Domain Mapping When You’re Not Running Multisite

Our Domain Mapping plugin makes mapping domains super easy in Multisite. It lets you create as many sites as you want in one WordPress installation and then make them all behave as if they’re separate sites echo on their own domain.

But sometimes you want to map a domain when you’re not running Multisite. You’ve created a site in its own WordPress installation somewhere on your server, maybe in a subdirectory, but you want to direct a domain name to it and have that show up in the browser instead of your own domain with the subfolder or subdomain showing up. Read original article here…. premium.wpmudev.org

How to Track Post Changes by Adding a History Feature to WordPress

If you’re running a website with multiple contributors, it can be hard to track post changes in WordPress itself. This can become a problem if you’re trying to identify the source of an error, or keep tabs on your writers’ activity.

Finding a way to track post changes in WordPress enables you to keep logs of practically all of the activity for your posts and pages. For this article, we’ll talk about why this functionality can help you and how to implement it in three simple steps. Let’s get to it! Read original article here…. elegantthemes.com

How to Run a Contest with WordPress (and Plugins to Help You Do It)

About a month ago, a woman named Mavis Wanczyk won a monster Powerball payout of $758.7 million. Wanczyk wasn’t the only winner that night either. In a store nearby, someone else bought a ticket worth $1 million. There were also other winners from this single Powerball play—9.4 million people (or, rather, tickets) to be exact.

Handling Form Submissions in WordPress with Admin-Post and Admin-Ajax

WordPress provides incredible support for you to work with form submissions in your application. Whether you add a form in the admin or public facing areas, the built-in mechanism with the admin-post and admin-ajax scripts will allow you to handle your form requests efficiently.

In this article, I’ll show you how to handle custom form submissions using the WordPress API. I’ll walk you through the process of adding a custom form in the admin area of a plugin, handle the form submission via an HTML as well as an AJAX request, and write the form handler in PHP to validate, sanitize and process the form input. Read original article here…. premium.wpmudev.org

20 of Google’s limits you may not know exist

Google has a lot of different tools, and while they handle massive amounts of data, even Google has its limits. Here are some of the limits you may eventually run into.

Many of the data reports within Google Search Console are limited to 1,000 rows in the interface, but you can usually download more. That’s not true of all of the reports, however (like the HTML improvements section, which doesn’t seem to have that limit).

The limit for the number submitted is higher, but you will only be shown 200. Each of those could be an index file as well, which seems to have a display limit of 400 site maps in each. You could technically add each page of a website in its own site map file and bundle those into site map index files and be able to see the individual indexation of 80,000 pages in each property… not that I recommend this. Read original article here…. searchengineland.com

This week we have the following Security News for you.

Malicious plugin installed backdoor on 200,000 WordPress websites

A very persistent malicious actor added a backdoor to a WordPress plugin called Display Widgets that installed backdoors on possibly 200,000 websites since June 21.

The hacker used the open-source Display Widgets plugin, which lets users control how their WordPress plugins appear on their sites, as the delivery mechanism for the backdoor. Although the number of potentially infected sites is large, what is almost as impressive is the hacker’s persistence. The infected plugin was repeatedly removed from the site by WordPress.org between June 22 and September 8 with the hacker dutifully replaced it.

60 Abandoned WordPress Plugins

WordPress security threats are on the rise. In some cases, hackers can gain control over WordPress sites. Now, the question arises, how can you secure your WordPress sites?

A major cause of security breaches in WordPress sites is outdated plugins and themes. These elements of a site can be particularly vulnerable to exploitation, and hackers are well aware of this. If a plugin hasn’t been updated during the past 2 years, it is categorized as an abandoned, or outdated plugin. Moreover, it may pose compatibility issues with WordPress. Read original article here…. pressable.com

7 Signs Your WordPress Website Has Been Hacked

One of the reasons WordPress is so popular as a content management system is because of its airtight security (read: it’s rare ability to be hacked). But the truth is, 136,640 attacks are happening per minute to WordPress websites across the globe.

And now for something older in the past article collections.

How to Beat Procrastination and Get More Done on Your WordPress Site

Everyone procrastinates now and then, but some people suffer much more than others. If you feel that procrastination is negatively affecting your productivity, then it is time to do something about it.

In this article we will look at why people procrastinate and what you can do about it. We discuss the importance of being clear on your goals and knowing your distractions and other weaknesses. We then consider productivity tips and tricks to help you maintain motivation and keep focused. Read original article here…. wpexplorer.com

How to Become a WordPress Professional in Your Free Time

Getting established as a WordPress pro isn’t easy. If you want to freelance or set up a WordPress business, you’ll need to build up a list of clients and establish a reputation for yourself. And if you’re looking for a WordPress job, you’ll need to demonstrate that you’ve got experience with WordPress and can work with it at a professional level.

But all this takes time learning and preparing, which you won’t get paid for. Unless you’re lucky enough to have an employer who’ll pay for you to learn WordPress (and give you paid time to do it), or who’ll help you learn marketing and business skills (working for a startup can be helpful), you’ll need to do it in your own time. Read original article here…. premium.wpmudev.org

The Complete Guide to the WordPress Theme Customizer

WordPress 4.7 was released with a ton of great new features (which you can check out here), including some user experience and user interface upgrades to the theme Customizer.

In case you’re hearing about the Customizer for the first time, it’s a feature in the WordPress admin (go to Appearance > Customize) that allows users to tweak theme settings using a WYSIWYG interface and customize a theme’s colors, fonts, text, and pretty much anything else you want to change. Read original article here…. premium.wpmudev.org

6 Steps to Building a WordPress Maintenance Business

Recurring revenue is the Shangri-La for business owners. Rather than scrapping and fighting and hunting for new clients, you have the same clients coming to you again, providing you with a steady stream of income. It takes away the stress of having to dig up new streams of revenue and allows you to start planning ahead.

But if you’re a WordPress designer or developer, you may be a bit perplexed about this whole “recurring revenue” thing. You make your money when clients need something new, like a website refresh for a site that looks like it was designed when MySpace was hot. You essentially have to wait for them to decide they want to change things. The whole idea of regular income feels like a mystery. Read original article here…. sitepoint.com

Daily blogger and plugin author Tom McFarlin has found a new maintainer for five of his WordPress.org plugins. Within two days of putting the plugins up for adoption, McFarlin announced that Philip Arthur Moore will be taking over Category Sticky Post, Comment Tweets, Single Post Message, Tag Sticky Post, and Tipsy Social Icons. Moore, who is currently working as CTO at Professional Themes, has inherited roughly 10,000 users overnight in the transfer of maintainership.

WordPress.org plugin adoption stories are few and far between. The most common scenario for an orphaned plugin is to languish in the directory until it disappears from search results (with the exception of exact matches) after two years of no updates. In McFarlin’s case, he was looking to tie up some loose ends before shifting Pressware’s focus to launching Blogging Plugins, a marketplace for extensions that streamline WordPress for regular bloggers. Read original article here…. wptavern.com

Well that’s a wrap for this week more next week from WP Plugins A to Z.

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this. Review Privacy Policy here